Think GDPR Won't Apply to You? Think Again
Robert Mills of Information Security Forum on Who Must Comply, and How to Prepare
In North America, many organizations mistakenly believe the European Union's General Data Protection Regulation won't impact them, says Robert Mills of the Information Security Forum. "If they are multinational and holding EU data, it does apply to them," he points out.
"This regulation has teeth. We're talking about 4 percent of annual turnover [maximum penalty for noncompliance]. That is a big hit, for even a multinational. So organizations need to be looking at this now."
In a video interview at Information Security Media Group's recent Toronto Fraud and Breach Prevention Summit, Mills also discusses:
- Who should take ownership for GDPR compliance preparation before enforcement begins next May;
- What organizations should be doing now to prepare;
- The implications of failing to comply with GDPR.
Mills is the regional director, U.S. and Canada at the Information Security Forum. Previously, he held positions at the International Customer Management Institute and Smartstops.net.